WHAT IS CLAIMED IS: 



1. In an electronic mail (e-mail) system, a method for processing an incoming e-mail 
message that is being received from another domain, the method comprising: 

receiving at a first process a request from a particular domain to establish a new 
5 connection for transmitting a particular e-mail message to the e-mail system; 

in response to receipt of said request from the particular domain, creating a second 
process for handling the request to establish a new connection, said second process being 
connected to a flow control filter providing filtering on a per-domain basis; 

comparing the request from the particular domain against configurable policy rules; 

10 and 

denying the request if any of said policy rules would be violated. 

2. The method of claim 1, wherein said configurable policy rules specify a 
maximum number of connections permitted by a given domain over a period of time. 

3. The method of claim 2, wherein said period of time is configurable. 

15 4. The method of claim 1, further comprising: 

if none of said policy rules would be violated, permitting the requested connection 
and incrementing a counter indicating how many connections have been granted to the 
particular domain. 

5. The method of claim 4, further comprising: 

20 after passage of the period of time, resetting the counter. 

6. The method of claim 1 , further comprising: 
permitting the requested connection; 

receiving sender information about the particular e-mail message from the particular 
domain; 

25 comparing the sender information from the particular domain against said 

configurable policy rules; and 
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blocking receipt of the incoming e-mail message if any of said policy rules would be 
violated. 

7. The method of claim 6, wherein said sender information is transmitted during a 
"MAIL FROM" phase of SMTP (Simple Mail Transport Protocol) processing. 

5 8. The method of claim 6, wherein said configurable policy rules specify a 

maximum number of different senders permitted by a given domain over a period of time. 

9. The method of claim 1, further comprising: 
permitting the requested connection; 

receiving recipient information about the particular e-mail message from the 
10 particular domain; 

comparing the recipient information from the particular domain against said 
configurable policy rules; and 

blocking receipt of the incoming e-mail message if any of said policy rules would be 
violated. 

15 10. The method of claim 9, wherein said sender information is transmitted during a 

"RCPT TO" phase of SMTP (Simple Mail Transport Protocol) processing. 

11. The method of claim 9, wherein said configurable policy rules specify a 
maximum number of different recipients permitted by a given domain over a period of time. 

12. The method of claim 1, further comprising: 
20 permitting the requested connection; 

receiving e-mail message body data about the particular e-mail message from the 
particular domain; 

comparing the e-mail message body data from the particular domain against said 
configurable policy rules; and 
25 blocking receipt of the incoming e-mail message if any of said policy rules would be 

violated. 
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13. The method of claim 12, wherein said sender information is transmitted during a 
"DATA" phase of SMTP (Simple Mail Transport Protocol) processing. 

14. The method of claim 12, wherein said configurable policy rules specify a 
maximum aggregate volume of e-mail permitted by a given domain over a period of time. 

5 15. The method of claim 14, wherein said maximum aggregate volume is based on 

total byte count of e-mail received from a given domain over a period of time. 

16. The method of claim 1, wherein said first process comprises a mail transport 
agent (MTA) process. 

17. The method claim 16, wherein said second process comprises a child mail 
10 transport agent (MTA) process. 

18. The method of claim 1, wherein said second process is created from said first 
process via a forking operation. 

19. The method of claim 18, wherein said second process is initially created as a copy 
of said first process. 

15 20. The method of claim 1, further comprising: 

creating a multitude of new processes for handling multiple requests to establish new 
connections, each new process being connected to said flow control filter providing filtering 
on a per-domain basis. 

21. An electronic mail (e-mail) system providing filtering of incoming e-mail 
20 messages on a per-domain basis, the system comprising: 

a parent process for receiving requests from different domains to establish new 
connections for transmitting e-mail messages; 

a plurality of child processes for handling the requests to establish new connections 
and for handling subsequent requests for transmitting e-mail messages; 
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a set of rules specifying conditions for accepting requests for new connections and for 
accepting requests for transmitting e-mail messages; and 

a flow control filter, in communication with said child processes and said set of rules, 
providing filtering based on each domain's conformance to said rules. 

5 22. The system of claim 21, wherein said parent process and said child processes 

comprise mail transport agent (MTA) processes. 

23. The system claim 21, wherein each said child process is created from the parent 
process via a forking operation. 

24. The system of claim 21, wherein each said child process is initially created as a 
10 copy of said parent process. 

25. The system of claim 21, wherein said set of rules comprises a configurable set of 

rules. 

26. The system of claim 21, wherein said set of rules comprises a set of rules stored in 
a text-based configuration file. 

15 27. The system of claim 21, wherein said set of rules comprises user-created class 

definitions specifying different classes of domains. 

28. The system of claim 27, wherein each said class definition includes a domain 
name corresponding to a particular domain that is to be monitored for filtering. 

29. The system of claim 27, wherein each said class definition includes limits that a 
20 particular domain must adhere to over a given period of time. 

30. The system of claim 29, wherein said limits include selected ones of: 
maximum number of different senders, 

maximum number of different recipients, 
maximum number of connections, 
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maximum number of envelopes, and 
maximum aggregate volume of mail. 

31. The system of claim 21, wherein a given domain is not filtered if a corresponding 
rule has not been created for that given domain, 

32. The system of claim 21, wherein said flow control filter denies a given domain's 
request for a new connection if any of said rules would be violated by granting the request. 

33. The system of claim 21, wherein said requests for transmitting e-mail messages 
comprise SMTP (Simple Mail Transport Protocol) commands submitted to the e-mail system 
from different domains. 

34. The system of claim 33, wherein said flow control filter processes said SMTP 
commands received from different domains to ascertain whether any of said rules would be 
violated. 

35. The system of claim 34, wherein said SMTP commands include a "MAIL 
FROM" command specifying sender information for a given e-mail message. 

36. The system of claim 35, wherein said flow control filter examines said sender 
information to ascertain whether any of said rules would be violated. 

37. The system of claim 34, wherein said SMTP commands include a "RCPT 
FROM" command specifying recipient information for a given e-mail message. 

38. The system of claim 37, wherein said flow control filter examines said recipient 
information to ascertain whether any of said rules would be violated. 

39. The system of claim 34, wherein said SMTP commands include a "DATA" 
command specifying e-mail message body data for a given e-mail message. 
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40. The system of claim 39, wherein said flow control filter examines said e-mail 
message body data to ascertain whether any of said rales would be violated. 

41. In an electronic mail (e-mail) system, a method for processing incoming e-mail 
messages that are being received from different domains, the method comprising: 

5 receiving requests from different domains to establish new connections for 

transmitting e-mail messages to the e-mail system; 

for each request received in connection with transmitting a given e-mail message, 
performing substeps of: 

identifying a particular domain that has submitted the request, 
10 based on the determined identity of the domain, determining whether the 

request to establish a new connection can be granted without violating policy rules, 
and 

based on the determined identity of the domain, determining whether 
subsequent requests to transmit different portions of a given e-mail message can be 
15 granted without violating said policy rules. 

42. The method of claim 41, wherein said step of determining whether the request to 
establish a new connection can be granted includes: 

determining a maximum number of connections permitted for the particular domain 
over a given period of time; and 
20 determining whether the particular domain would exceed said maximum number of 

connections if the request were granted. 

43. The method of claim 41, wherein said step of determining whether subsequent 
requests to transmit different portions of a given e-mail message can be granted includes: 

determining a maximum number of different senders permitted for the particular 
25 domain over a given period of time; and 

determining whether the particular domain would exceed said maximum number of 
different senders if the request were granted. 
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44. The method of claim 41, wherein said step of determining whether subsequent 
requests to transmit different portions of a given e-mail message can be granted includes: 

determining a maximum number of different recipients permitted for the particular 
domain over a given period of time; and 

determining whether the particular domain would exceed said maximum number of 
different recipients if the request were granted. 

45. The method of claim 41, wherein said step of determining whether subsequent 
requests to transmit different portions of a given e-mail message can be granted includes: 

determining a maximum number of different e-mail envelopes permitted for the 
particular domain over a given period of time; and 

determining whether the particular domain would exceed said maximum number of 
different e-mail envelopes if the request were granted. 

46. The method of claim 41, wherein said step of determining whether subsequent 
requests to transmit different portions of a given e-mail message can be granted includes: 

determining a maximum aggregate volume of e-mail permitted for the particular 
domain over a given period of time; and 

determining whether the particular domain would exceed said maximum aggregate 
volume of e-mail if the request were granted. 

47. The method of claim 41, further comprising: 

if the request to establish a new connection cannot be granted without violating said 
policy rules, denying the request. 

48. The method of claim 47, further comprising: 
returning an error code indicating why the request is denied. 

49. The method of claim 41, further comprising: 

if the request to transmit different portions of a given e-mail message cannot be 
granted without violating said policy rules, denying the request. 



Page 41 of 43 



50. The method of claim 41, wherein portions of a given e-mail message include 
sender information, recipient information, and message body data. 

51. The method of claim 41, wherein said policy rules are configurable. 

52. The method of claim 41, wherein said policy rules comprise user-edited rules 
5 created for different domains. 

53. The method of claim 52, wherein each user-edited rule comprises a host class 
definition specifying a particular domain and corresponding limits to be applied against that 
domain over a given period of time. 
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